Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/c791dd-8b17-49c5-a1ef-6cf1ca508d1a/1/IQ-Ly8j0GWr1xsbBPEBAu0wl6Ac.roa
File: IQ-Ly8j0GWr1xsbBPEBAu0wl6Ac.roa (raw, json)
Hash identifier: c3S6MfTkDUkBKUx+mPqRd592vD7uzdEeMjTX9lpeyG4=
Subject key identifier: 21:0F:8B:CB:C8:F4:19:6A:F5:C6:C6:C1:3C:40:40:BB:4C:25:E8:07
Certificate issuer: /CN=2c6f3cc5d785942e6048093c7433973aeb15fe22
Certificate serial: 01856CC160E71CAE7FECA633DDF802E347CF
Authority key identifier: 2C:6F:3C:C5:D7:85:94:2E:60:48:09:3C:74:33:97:3A:EB:15:FE:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LG88xdeFlC5gSAk8dDOXOusV_iI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/c791dd-8b17-49c5-a1ef-6cf1ca508d1a/1/IQ-Ly8j0GWr1xsbBPEBAu0wl6Ac.roa
Signing time: Sun 01 Jan 2023 09:54:50 +0000
ROA not before: Sun 01 Jan 2023 09:54:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25057
IP address blocks: 195.216.214.0/23 maxlen: 24
2001:67c:214::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:c1:60:e7:1c:ae:7f:ec:a6:33:dd:f8:02:e3:47:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c6f3cc5d785942e6048093c7433973aeb15fe22
Validity
Not Before: Jan 1 09:54:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=210f8bcbc8f4196af5c6c6c13c4040bb4c25e807
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:3b:d8:fc:0b:e9:50:f7:65:16:ef:57:2f:6d:
c6:dc:64:36:12:3f:18:79:07:c9:a2:71:a8:b3:46:
76:5c:bd:2d:10:4e:b3:16:c8:a6:f6:aa:9b:0d:cf:
55:df:46:f3:76:9f:5f:c3:c5:d1:07:30:19:c6:45:
ea:ed:0f:d8:4a:91:f2:61:1f:71:2a:2a:00:37:1c:
9c:2d:eb:a5:7f:87:87:1c:0c:4e:a6:a6:8f:ed:73:
70:6a:56:36:ab:4d:a4:7b:a4:95:5d:cf:2a:b2:37:
a8:f7:37:14:a6:d6:42:ea:4c:82:94:45:7d:5a:63:
06:8d:55:53:81:29:63:c2:16:9f:26:fa:f3:04:b8:
cf:f9:8c:b2:75:3c:da:73:ed:fb:ed:66:71:1b:83:
ec:65:d9:04:7c:67:30:96:8f:e1:d1:9e:2f:00:46:
13:b0:6b:98:ae:69:2e:b4:cf:5f:96:58:a8:16:3b:
52:57:09:3f:57:d3:8d:18:2f:d4:23:99:04:76:3e:
ca:ac:4f:74:4d:fb:b3:16:0d:96:53:a3:89:e9:df:
05:89:06:da:1e:7d:d7:e9:b3:bb:0d:6f:f8:7c:b4:
1c:d2:b9:5a:28:a2:ef:8a:7f:cb:70:29:56:4b:ea:
fa:06:cf:9a:28:5a:eb:dc:01:30:6a:b5:ab:96:57:
20:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:0F:8B:CB:C8:F4:19:6A:F5:C6:C6:C1:3C:40:40:BB:4C:25:E8:07
X509v3 Authority Key Identifier:
keyid:2C:6F:3C:C5:D7:85:94:2E:60:48:09:3C:74:33:97:3A:EB:15:FE:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LG88xdeFlC5gSAk8dDOXOusV_iI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/c791dd-8b17-49c5-a1ef-6cf1ca508d1a/1/IQ-Ly8j0GWr1xsbBPEBAu0wl6Ac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/c791dd-8b17-49c5-a1ef-6cf1ca508d1a/1/LG88xdeFlC5gSAk8dDOXOusV_iI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.216.214.0/23
IPv6:
2001:67c:214::/48
Signature Algorithm: sha256WithRSAEncryption
40:9f:c5:d8:00:9e:82:50:e1:7f:0b:e7:a0:7f:80:da:c5:84:
31:61:00:ca:fc:30:d7:4c:33:a7:64:d8:9b:99:a3:c0:98:a4:
40:0b:59:8c:35:63:fb:15:58:62:a0:0b:e9:92:ad:4b:d8:df:
b7:92:3a:24:da:32:64:54:84:d3:0b:d4:9c:bf:17:f2:5d:12:
37:f4:74:00:2e:a3:06:e1:7f:6f:6a:16:e1:f1:5a:bd:d3:6a:
a1:64:50:41:55:94:22:26:a4:93:b9:61:f5:5e:9e:ba:e6:c9:
87:a9:42:01:79:87:7f:23:dc:2f:13:6f:92:e7:4b:bd:7b:95:
69:fd:e1:b2:b3:8f:70:ae:df:35:9c:8d:54:68:68:2c:3a:9d:
c3:4b:3c:b9:82:a0:82:1f:b5:a4:8c:ba:01:39:8c:6e:6a:24:
31:7b:ad:eb:5a:46:e9:c9:39:e0:f7:ef:76:65:d1:ec:bb:31:
98:3f:59:5d:2c:46:b6:67:dd:79:93:4e:1c:f7:65:a8:a1:3c:
75:ba:2f:16:6b:b3:a2:4d:26:cd:0d:48:8d:4e:89:92:6d:77:
61:cd:f7:24:ee:92:b9:e0:56:66:a9:28:9f:6b:3a:c3:56:4f:
19:b6:ab:2b:70:eb:5d:cd:2a:36:dd:15:85:85:3b:f1:6b:9d:
4a:b1:3d:aa
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVswWDnHK5/7KYz3fgC40fPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjNmYzY2M1ZDc4NTk0MmU2MDQ4MDkzYzc0MzM5NzNhZWIx
NWZlMjIwHhcNMjMwMTAxMDk1NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTBmOGJjYmM4ZjQxOTZhZjVjNmM2YzEzYzQwNDBiYjRjMjVlODA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkDvY/AvpUPdlFu9XL23G3GQ2Ej8Y
eQfJonGos0Z2XL0tEE6zFsim9qqbDc9V30bzdp9fw8XRBzAZxkXq7Q/YSpHyYR9x
KioANxycLeulf4eHHAxOpqaP7XNwalY2q02ke6SVXc8qsjeo9zcUptZC6kyClEV9
WmMGjVVTgSljwhafJvrzBLjP+YyydTzac+377WZxG4PsZdkEfGcwlo/h0Z4vAEYT
sGuYrmkutM9fllioFjtSVwk/V9ONGC/UI5kEdj7KrE90TfuzFg2WU6OJ6d8FiQba
Hn3X6bO7DW/4fLQc0rlaKKLvin/LcClWS+r6Bs+aKFrr3AEwarWrllcgOQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCEPi8vI9Blq9cbGwTxAQLtMJegHMB8GA1UdIwQY
MBaAFCxvPMXXhZQuYEgJPHQzlzrrFf4iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEc4OHhkZUZsQzVnU0FrOGRET1hPdXNWX2lJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9jNzkxZGQtOGIxNy00OWM1LWExZWYt
NmNmMWNhNTA4ZDFhLzEvSVEtTHk4ajBHV3IxeHNiQlBFQkF1MHdsNkFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC9jNzkxZGQtOGIxNy00OWM1LWExZWYtNmNmMWNhNTA4ZDFh
LzEvTEc4OHhkZUZsQzVnU0FrOGRET1hPdXNWX2lJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBw9jWMA8E
AgACMAkDBwAgAQZ8AhQwDQYJKoZIhvcNAQELBQADggEBAECfxdgAnoJQ4X8L56B/
gNrFhDFhAMr8MNdMM6dk2JuZo8CYpEALWYw1Y/sVWGKgC+mSrUvY37eSOiTaMmRU
hNML1Jy/F/JdEjf0dAAuowbhf29qFuHxWr3TaqFkUEFVlCImpJO5YfVenrrmyYep
QgF5h38j3C8Tb5LnS717lWn94bKzj3Cu3zWcjVRoaCw6ncNLPLmCoIIftaSMugE5
jG5qJDF7retaRunJOeD373Zl0ey7MZg/WV0sRrZn3XmTThz3ZaihPHW6LxZrs6JN
Js0NSI1OiZJtd2HN9yTukrngVmapKJ9rOsNWTxm2qytw613NKjbdFYWFO/FrnUqx
Pao=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:57 2024 by rpki-client on console-fra.rpki-client.org